Associative Discussion Among Generating Adversarial Samples Using Evolutionary Algorithm and Samples Generated Using GAN

Abstract

The remarkable accomplishments of deep neural networks (DNN) have led to their widespread adoption in various contexts, including safety-critical applications. Many strategies have been implemented to generate adversarial samples using DNN, raising the question of the security of the model. Adding slight magnitude noise to the input samples during training or testing can misguide DNN to produce different results than the actual one. DNNs are sensitive to indiscernible adversarial samples but readily identifiable by them. Currently, gradient-based approaches are used to generate adversarial samples. Gradient-based methods require internal details of the model, such as several parameters, model type, Etc. Usually, these details are practically unavailable, and calculating the gradient for non-differential models is impossible. In this work, we propose a novel DESapsDE framework based on evolutionary algorithms to generate adversarial samples from the probability of labels. We also incorporated the discussion with the various Generative Adversarial Networks (GANs) models, such as ACGAN, DCGAN, and SAGAN. It has been observed that GANs differ from adversarial sample generation methods and can be applied as defense mechanisms. The proposed method reduced model confidence to 13.09% for the ResNet50 model, 30.34% for the WideResNet model, and 23.1% for the DenseNet model, with an FID score of 16.45. The proposed model varies from the GAN model. It applies to attack-on-network models as a preventive major to make the model robust.